Commit graph

12988 commits

Author SHA1 Message Date
Brandon Koepke
9df777d181 openvpn: adding key_direction to append_params.
key_direction shows up as an openvpn option in the user-interface but does not end up in the /var/etc/openvpn*.conf file. Adding it to the list here fixed the issue for me.

Signed-off-by: Brandon Koepke <bdkoepke@fastmail.com>
2017-02-03 05:10:09 +01:00
Jo-Philipp Wich
c26ff034fc ubox: support quiet modprobe, support millisecond log timestamp accuracy
Update ubox to latest Git HEAD in order to import the following fixes:

ac2d43e kmodloader: support '-q' quiet option
f8d3d16 ubox: Add an option for more accurate timestamps in log

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-02-02 18:37:53 +01:00
Felix Fietkau
47540afa5d ath9k: add a warning to the tx99 config option
Lots of users try random stuff when they encounter any kind of
difficulty. I've had to debug a number of cases where people had enabled
this option for no reason. Hopefully this warning will reduce the number
of useless support cases.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-02 12:44:38 +01:00
Rafał Miłecki
b622f40249 mac80211: brcmfmac: backport wowlan netdetect fixes
I needed a moment to figure out relation between this patchset and the
nl80211: fix validation of scheduled scan info for wowlan netdetect

It appears nl80211 commit will go on top of brcmfmac changes so it's
safe to backport these patches.

One patch that was excluded is commit 2a2a5d1835b6 ("brcmfmac: add
.update_connect_params() callback") as it depends on missing commit
088e8df82f91 ("cfg80211: Add support to update connection parameters").

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-02 11:35:46 +01:00
Rafał Miłecki
99d3774a3c mac80211: brcmfmac: backport PSM watchdog improvements
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-02 10:04:57 +01:00
Rafał Miłecki
4491979dc9 mac80211: brcmfmac: backport minor code cleanups
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-02 09:59:23 +01:00
Rafał Miłecki
2a1d8c1f79 mac80211: brcmfmac: backport 4.10 fixes & typo fix
This includes memory leak fix in initialization path.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-02 09:51:34 +01:00
Rafał Miłecki
863a06b0a4 mac80211: brcmfmac: backport scheduled scan cleanup and chip support
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-02 09:49:35 +01:00
Rafał Miłecki
4e611ac5df mac80211: brcmfmac: backport some old patches from 2016
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-02 09:45:59 +01:00
Rafał Miłecki
52be05e190 mac80211: rename brcmfmac patches to use higher prefix
There are more patches to backport that should go before these.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-02 09:39:31 +01:00
Hannu Nyman
eaf3fef946 ccache, samba36: fix samba.org addresses to use https
samba.org has started to enforce https and
currently plain http downloads with curl/wget fail,
so convert samba.org download links to use https.

Modernise links at the same time.

Also convert samba.org URL fields to have https.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2017-02-02 00:14:03 +01:00
Eric Luehrsen
9525743c07 dnsmasq: make DHCPv6 viable for standalone dnsmasq install
dnsmasq has sufficient services to meet the needs of DHCP
and RA with IP6 for single router router users. This is
the most common use for consumer routers. Its reenforced
as most ISP tend to only DHCP-PD /64. dnsmasq has year
over year demonstrated great flexibility in its option
set, and support for off-standard DHCP clients.

odhcpd has enhanced capabilities focused on IP6 such
as DHCP/RA relay and NDP proxy. However, it is not as
flexible in its option set. odhcpd is not as forgiving
with off-standard DHCP clients. Some points may represent
a long term TODO list, but it is the state currently.

These changes make any such combination possible. Already
odhcpd can be set as the main dhcp server. Now odhcpd
can be removed or disabled and dnsmasq will take over
if DHCPv6 compiled in. The existing DHCPv6 and RA UCI
are translated into dnsmasq.conf. The changes focus on
'--dhcp-range', '--dhcp-host', and '--dhcp-options'.

DHCP host ID is least 16 bits [::1000-::FFFF], but
leaves low range for typical infrastructure assignments.
dnsmasq accepts DHCPv6 options in the tranditional
'--dhcp-option' put they must be prefixed 'option6:'.
dnsmasq will also discover SLAAC DNS entries from DHCPv4
clients MAC, and confirm with a ping at least renew.

Long term TODO include improving use of dnsmasq relay
options for DHCPv4 and DHCPv6 in parallel. It would also
be possible to preconfigure DHCP-PD in host-with-options
records for fixed infrastructure.

Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
[Jo-Philipp Wich: emit proper IPv6 hostid format in dhcp-host directive]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-02-02 00:13:49 +01:00
Eric Luehrsen
1b4e3eda1b dnsmasq: expand 'add_local_hostname' fexibility including FQDN
ref commit 612e2276b4
ref commit ec63e3bf13

'option add_local_hostname' scripted implementation statically assigns
this host in auto generated host file at init. If IFUP or other signals
do not occur, then address changes are not tracked. The script doesn't
apply all the addresses at an interface. This may make logs obscure.
The script only puts the bare host name (maybe not FQDN) in host file,
but if '--exapandhosts' is enabled, then /etc/hosts entries will be
suffixed, and "127.0.0.1 localhost" becomes "localhost.lan".

dnsmasq provides an option to perform this function, but it is rather
greedy. '--interface-name=<name>,<iface>' will assign the name to all
IP on the specified interface (except link local). This is a useful
feature, but some setups depend on the original restrictive behavior.

'option add_local_fqdn' is added to enhance the feature set, but
if not entered or empty string, then it will default to original
option and behavior. This new option has a few settings. At each
increased setting the most detailed name becomes the PTR record:
0 - same as add_local_hostname 0 or disabled
1 - same as add_local_hostname 1
2 - assigns the bare host name to all IP w/ --dnsmasq-interface
3 - assigns the FQDN and host to all IP w/ --dnsmasq-interface
4 - assigns <iface>.<host>.<domain> and above w/ --dnsmasq-nterface

'option add_wan_fqdn' is added to run the same procedure on
inferred WAN intefaces. If an interface has 'config dhcp' and
'option ignore 1' set, then it is considered WAN. The original
option would only run on DHCP serving interfaces.

Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
2017-02-02 00:13:49 +01:00
Jo-Philipp Wich
73d923ed6b base-files: emit tagged switch configuration by default
Instead of only using tagged CPU port configurations when more than one VLAN
is present on the switch, always emit tagged configurations unless a board
explicitely opts out of this behaviour by using the previously introduced
[0-9]u@netdev syntax.

Emitting default tagged configurations has the following benefits:

 - Relation of switch vlans to netdevs is easier to understand, especially
   for multi-cpu-port switches

 - Adding additional VLANs (e.g. to break out a LAN port for other purposes)
   becomes easier as users are not forced to change the existing untagged
   VLAN to tagged and the existing ifname notation from ethX to ethX.Y
   anymore, drastly reducing the likelyhood of soft-bricks.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-02-02 00:13:49 +01:00
Hans Dedecker
26923ab110 odhcp6c: fix PKG_SOURCE_URL
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-01 21:16:44 +01:00
Hans Dedecker
88173676b1 odhcpd: update to git HEAD version
3317c86 dhcpv6-ia: apply lease delete based on assignment bound state
df50429 odhcpd: properly handle netlink messages (FS#388)
83d72cf odhcpd: fix coding style

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-01 21:07:08 +01:00
Felix Fietkau
06bb0a89b7 ath10k-firmware: revert faulty PKG_SOURCE_DATE change from 7cb27b46
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-01 18:04:43 +01:00
Pavel Kubelun
b650112b65 ath10k-firmware: update qca9984 firmware and board data
Fixes firmware crash in rare cases and a bug
ath10k_pci 0001:01:00.0: received unexpected tx_fetch_ind event: in
push mode
for those who kept experiencing it after previous firmware update.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2017-02-01 18:00:39 +01:00
Felix Fietkau
dabdd123c9 mt76: update to the latest version
Uses upstream code to parse DT supported band/frequency information.
Update existing .dts files to the new format and remove unnecessary
overrides.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-01 17:49:55 +01:00
Felix Fietkau
f6750db5dd ath10k-ct: depend on kmod-hwmon-core, it gets used when CONFIG_THERMAL is set
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-01 17:49:54 +01:00
Felix Fietkau
02586cb105 ath10k-ct: fix kernel api compatibility issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-01 17:49:54 +01:00
Felix Fietkau
f18f3c87f3 rotary-gpio-custom: depend on Linux 3.18 and 4.4 (will not work on newer kernels)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-01 17:49:53 +01:00
Felix Fietkau
a112786acb xtables-addons: update to version 2.12
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-01 17:49:53 +01:00
Ben Greear
7cb27b462c ath10k-ct: Support ath10k CT firmware for 9887 chipsets.
And, update support for 9880 chipsets.  The new firmware
fixes a regression with EAPOL 4/4 packets added in
a recent commit.

It also fixes a case where the firmware would improperly try
to use STBC when configured for 1x1 (as 9887 always is).

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-02-01 17:49:53 +01:00
Ben Greear
f9c6cc277f ath10k-ct: Fix performance of 2x2 hardware running 3x3 firmware.
The driver had a bug when calculating the rateset.  This resolves
that and allows full VHT mcs rates on 2x2 hardware.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-02-01 17:49:53 +01:00
Felix Fietkau
185c37467e leds-apu2: add compatibility for linux 4.9
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-01 17:49:52 +01:00
Felix Fietkau
139eb6870b gpio-nct5104d: add compatibility for linux 4.9
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-01 17:49:52 +01:00
Hans Dedecker
4d10030c3c odhcp6c: use LEDE_GIT in package source url
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-01-31 21:58:12 +01:00
Felix Fietkau
0089240796 mt76: update to the latest version
Fixes DFS detection false positive issues

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-31 21:29:02 +01:00
Rafał Miłecki
1a14ffaf2b mac80211: start hostapd with logging wpa_printf messages to syslog
Some debugging/error messages are printed using wpa_printf and this
change allows finally reading them out of the syslog.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-01-31 13:55:38 +01:00
Rafał Miłecki
546b1a4d36 hostapd: enable support for logging wpa_printf messages to syslog
This will allow starting hostapd with the new -s parameter and finally
read all (error) messages from the syslog.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-01-31 13:55:26 +01:00
Felix Fietkau
33a840a3ff ath9k: remove the deaf rx path state check patch
This needs to be refined and reworked before we can safely leave it
enabled by default

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-31 11:44:36 +01:00
Felix Fietkau
bbbff619b9 mdns: update to the latest version
- fixes unaligned acccesses, causing DNS parsing issues on ARMv5
- fixes service timeout handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-31 11:24:19 +01:00
Hans Dedecker
4096d33ce4 odhcpd: use LEDE_GIT in package source url
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-01-30 22:27:30 +01:00
Kevin Darbyshire-Bryant
bdd1fad9e3 iproute2: cake: update cake support
Updated cake's tc patch to match the official cake repository
formatting.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-01-30 16:30:41 +01:00
Kevin Darbyshire-Bryant
8a8fa29e20 kmod-sched-cake: Bump to latest version
wash, mpu & some memory optimisation have now made it to the official
cake repository.

Point LEDE to the official repository.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-01-30 16:30:41 +01:00
Hans Dedecker
542feafd90 odhcp6c: update to git HEAD version
c13b6a0 dhcpv6: fix white space error
e9d80cc dhcpv6: trigger restart of DHCPv6 state machine when not
		receiving statefull options
c7122ec update README
419fb63 dhcpv6: server unicast option support

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-01-30 15:11:47 +01:00
Mathias Kresin
60fce1258c base-files: don't overwrite model name set by target
The condition is always true due to the literal string followed the
-n test parameter. A model name set by target scripts always gets
overwritten this way.

Change the condition to check for an already existing destination file
as it was before 5e85ae9 ("base-files: fix error message during boot").

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-01-30 08:55:41 +01:00
Rafał Miłecki
37b489fe04 hostapd: backport support for sending debug messages to the syslog
It wasn't possible to read hostapd wpa_printf messages unless running
hostapd manually. It was because hostapd was printing them using vprintf
and not directly to the syslog.

We were trying to workaround this problem by redirecting STDIN_FILENO
and STDOUT_FILENO but it was working only for the initialization phase.
As soon as hostapd did os_daemonize our solution stopped working.

Please note despite the subject this change doesn't affect debug level
messages only but just everything printed by hostapd with wpa_printf
including MSG_ERROR-s. This makes it even more important as reading
error messages can be quite useful for debugging.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-01-30 06:52:02 +01:00
Florian Fainelli
f3c5934981 rpcd: Explicitly link with lcrypt
Fixes build issues with some toolchains that don't add lcrypt in the default
search paths:

CMakeFiles/rpcd.dir/session.c.o: In function `rpc_login_test_password':
build_dir/target-mipsel-linux-gnu/rpcd-2016-12-03-0577cfc1/session.c:823: undefined reference to `crypt'
collect2: error: ld returned 1 exit status

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-01-29 11:51:02 -08:00
Florian Fainelli
200d932322 toolchain: Broaden the executable loader pattern
Some toolchains will produce executables with an interpreter that is e.g:
ld.so.1 (typically a symbolic link). Due to our current LIBC_SPEC_FILE value,
we would not be able to copy this symbolic link/file over to the rootfs and
executables would fail to load. Extend the search pattern to include all
ld*.so* files that could be needed.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-01-29 11:51:02 -08:00
Magnus Kroken
84da2a677a busybox: update to 1.26.2
Refresh patches, delete patches that have been applied upstream.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix defaults]
2017-01-29 14:09:38 +01:00
Magnus Kroken
5d2a9d2a3a busybox: convert netmsg and lock applet to "new style" applet definition
The "new style" busybox applet approach moves all config and build
definitions related to an applet to its .c file. This makes the
patches easier to maintain, as they only add new files to the busybox
build directory, without modifying BusyBox files.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2017-01-29 14:09:36 +01:00
Hauke Mehrtens
12db207e9b openssl: update to version 1.0.2k
This fixes the following security problems:
CVE-2017-3731: Truncated packet could crash via OOB read
CVE-2017-3732: BN_mod_exp may produce incorrect results on x86_64
CVE-2016-7055: Montgomery multiplication may produce incorrect results

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-27 23:38:17 +01:00
Felix Fietkau
9f7fc2376d kernel: mark nvmem as hidden, it is only used as a library for other modules
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-27 16:54:30 +01:00
Jo-Philipp Wich
475da81ec0 ixp4xx: put apex images into image staging directory
Do not put the apex images into the kernel build directory as this directory
might get removed after kernel updates while the apex packages InstallDev
recipe is not getting re-executed because it is still considered current,
leading to image build failures later on due to missing images.

To ensure that built bootloader images persist over kernel version updates in
the buildroot, put them into the new STAGING_DIR_IMAGE directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-27 16:53:31 +01:00
Jo-Philipp Wich
e0579aecf8 mxs: put u-boot images into image staging directory
Do not put the u-boot images into the kernel build directory as this directory
might get removed after kernel updates while the u-boot packages InstallDev
recipe is not getting re-executed because it is still considered current,
leading to image build failures later on due to missing images.

To ensure that built bootloader images persist over kernel version updates in
the buildroot, put them into the new STAGING_DIR_IMAGE directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-27 16:53:31 +01:00
Jo-Philipp Wich
7f9d537f21 oxnas: put u-boot images into image staging directory
Do not put the u-boot images into the kernel build directory as this directory
might get removed after kernel updates while the u-boot packages InstallDev
recipe is not getting re-executed because it is still considered current,
leading to image build failures later on due to missing images.

To ensure that built bootloader images persist over kernel version updates in
the buildroot, put them into the new STAGING_DIR_IMAGE directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-27 16:53:31 +01:00
Jo-Philipp Wich
cf3d1b61bf sunxi: put u-boot images into image staging directory
Do not put the u-boot images into the kernel build directory as this directory
might get removed after kernel updates while the u-boot packages InstallDev
recipe is not getting re-executed because it is still considered current,
leading to image build failures later on due to missing images.

To ensure that built bootloader images persist over kernel version updates in
the buildroot, put them into the new STAGING_DIR_IMAGE directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-27 16:53:31 +01:00
Jo-Philipp Wich
c6502ce3bb layerscape: put u-boot and ucode images into image staging directory
Do not put the u-boot and ucode images into the kernel build directory as this
directory might get removed after kernel updates while the u-boot packages
InstallDev recipe is not getting re-executed because it is still considered
current, leading to image build failures later on due to missing images.

To ensure that built bootloader images persist over kernel version updates in
the buildroot, put them into the new STAGING_DIR_IMAGE directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-27 16:53:31 +01:00